Privacy Policy

Last Updated October 28, 2025

Patient 2 Thrive, LLC and www.patient2thrive.com (“Patient 2 Thrive,” “P2T,” “we,” “us,” or “our”) thank you for visiting the online and mobile resources we publish. We use “you” and “your” to mean the reader and other visitors to our online and mobile resources who are, in all cases, over the age of 13. This privacy statement (“Privacy Statement”) explains what personal information we collect, how we use it, with whom we share it and why, and how we protect it.

“Online and mobile resources” means the websites and other internet features we own that allow you to interact with our content, as well as any apps we create and distribute to let customers and followers view our resources or otherwise interact with us.

WHO WE COLLECT PERSONAL INFORMATION FROM

We may collect personal information from the following groups of data subjects:

Visitors and users of our online and mobile resources

Customers/clients (e.g., med spa owners and their teams)

Workforce members and job applicants

Vendors and business partners

“Personal information” generally means information that identifies, relates to, describes, or can reasonably be linked to a particular consumer or household (e.g., name, address, telephone number, email, IP address, identifiers, and similar data). Where applicable law provides specific definitions (e.g., the California Consumer Privacy Act as amended by the CPRA (collectively, “CCPA/CPRA”), EU/EEA General Data Protection Regulation (“GDPR”), and UK-GDPR), our use of “personal information” includes those definitions.

Much of this statement addresses personal information collected from visitors/users of our online and mobile resources and customers. We also collect and retain professional/employment-related information for workforce members and applicants as appropriate for HR administration. Those practices are described in separate internal notices/portals made available to our workforce/applicants (including where those portals are operated by third parties who transfer data to us).

We also collect limited business contact information from vendors and business partners to manage our contractual relationships and administer our operations; details may appear in our vendor contracts or portals.

WHAT WE COLLECT

We obtain two broad types of information:

Non-personal information collected automatically (e.g., device/browser data); and

Personal information that you voluntarily provide or that is collected automatically.

By using our online and mobile resources or purchasing our products/services, you consent to the practices described in this Privacy Statement.

A. Voluntarily Submitted Information

If you participate in certain activities via our resources, you may be asked to provide:

Identifiers (name, email address, postal address, phone number)

Professional information (business/clinic, role)

Billing information (e.g., credit/debit card or other payment details processed via our payment providers)

We do not sell personal information. We also do not use personal information for automated decision-making or profiling in a way that produces legal or similarly significant effects.

If you prefer not to share certain personal information, please do not submit it. This may limit your ability to use some features but won’t prevent access to information that is publicly available on our site.

Common ways you provide information and how we use it:

Emails & Online Forms – If you email us or fill out a form (contact, lead-gen, booking, demo, application), we retain your email and any included personal information to respond and process your request. Depending on your submission and permissions, we may follow up via email, phone, and/or text, and send information about products or services we believe may interest you.

Account Registration – If you create an account (or authorize sub-accounts), we use your information to set up and manage the account(s), authenticate logins, and communicate about account activity.

Event/Webinar Registrations – If you register for an event we host, we use your information to process your registration, send confirmations/reminders, and—if fees apply—process payment via our payment providers.

Subscribers/Clients – We use client information to fulfill contracts, deliver and optimize our services (e.g., ad operations, call center services, CRM/automation), and communicate about your account.

Community Features & Social Media – If our resources include community features (comments, uploads, posts), information you share—including your display name—may be public. Treat any posting as public and avoid sharing sensitive information.

B. Automatically Collected Information (Cookies, Pixels, Similar Tech)

We and our service providers use cookies, pixels, tags, SDKs, and similar technologies to collect:

Domain name; IP address; device and browser type; operating system;

Dates/times and length of visit; pages viewed; downloads; referring and exit pages;

Interactions with our forms, ads, and features;

For mobile access: mobile device identifiers and, if enabled, coarse or precise location.

We use these data to operate, secure, and improve our resources; remember preferences; measure performance; debug and prevent fraud; and personalize certain content. We may use Google Analytics and similar tools. To learn about Google’s practices and opt-out options, visit policies.google.com/technologies/partner-sites and tools.google.com/dlpage/gaoptout.

Location Services – Disable location services in your device settings if you do not want us to collect geolocation data.

We retain personal information for as long as necessary for the purposes described here, consistent with applicable laws and our internal retention schedules.

USER BEWARE: EXTERNAL SITES, APPS, LINKS & SOCIAL MEDIA

We maintain a presence on external platforms (e.g., Facebook/Meta, Instagram, LinkedIn, YouTube). Our resources may link to third-party sites/apps or embed third-party features. We are not responsible for the content or privacy practices of those platforms or sites. Review their privacy policies and terms before using them.

WHEN / WITH WHOM WE SHARE PERSONAL INFORMATION

We use non-personal information to administer our resources and make business decisions. We use personal information to respond to inquiries; provide, improve, and secure our services; and for the purposes described in this Statement. We do not sell personal information and, within the last 12 months, we have not sold personal information. We also do not share personal information for cross-context behavioral advertising as defined by California law, unless and until we provide a clear “Do Not Sell or Share My Personal Information” mechanism and you choose to opt-in where required.

No mobile information will be shared with third parties/affiliates for marketing/promotional purposes. Information sharing to subcontractors in support services, such as customer service, is permitted.

We may disclose information as follows:

Affiliates – We may share personal information within our family of companies under substantially similar privacy protections, including to inform you of relevant products/services. However, no mobile information will be shared with third parties/affiliates for marketing/promotional purposes.

Vendors/Processors – We share information with service providers under contract (e.g., hosting, analytics, payment processing, CRM, call center/SMS providers, email platforms, identity verification, security, ad operations) who must use the data only to perform contracted services and protect it appropriately. Information sharing to subcontractors in support services, such as customer service, is permitted.

Business Partners (at your direction) – With your consent or direction (e.g., integrations you enable), we may share with third-party platforms you choose to connect (such as CRM, calendar, or marketing tools).

Legal/Compliance – We may disclose information if required by law or in response to valid legal requests (e.g., subpoenas, court orders), or when we believe disclosure is necessary to protect our rights, users, or the public, investigate fraud/security issues, or enforce our terms.

Business Transfers – In connection with an actual or contemplated merger, acquisition, reorganization, or sale of assets, your information may be transferred as permitted by law and subject to standard protections.

We seek to contractually require our vendors and partners to meet our data-protection standards, but cannot guarantee compliance by third parties at all times.

YOUR RIGHTS & CHOICES

You can use most of our resources without providing personal information. You may opt-out of certain communications (e.g., newsletters, SMS) as described below. Rights vary by jurisdiction.

Email – Use the unsubscribe link in our emails or contact us (see “Contacting Us”).

SMS/Text – Reply STOP to opt-out; HELP for help. Message/data rates may apply.

Analytics/Cookies – Manage cookies via your browser/device settings. You can opt out of certain analytics as noted above.

Access/Correction/Deletion – Contact us to access, correct, or delete your personal information, subject to legal limitations.

Do Not Track – Some browsers transmit “Do Not Track” signals. We currently do not respond to such signals.

CHILDREN’S PRIVACY

Our resources are not intended for children under 13 without verifiable parental consent. We do not knowingly collect personal information from children under 13. If we learn we have information about a minor under 13 (or under 16 where parental consent is required), we will delete it. If you believe a minor provided personal information to us, contact [email protected].

HOW WE PROTECT PERSONAL INFORMATION

We maintain a written information security program with technical, organizational, and administrative safeguards designed to protect personal information consistent with industry standards and applicable law. However, no system is 100% secure. Except for obligations required by law, we disclaim liability for unauthorized access, loss, misuse, or alteration of data. We maintain incident response procedures and require vendors to notify us of incidents affecting data we share with them.

CALIFORNIA PRIVACY NOTICE (CCPA/CPRA)

If you are a California resident, you have specific rights under the CCPA/CPRA. For this section, “you” refers only to California residents.

Categories Collected (past 12 months)

Identifiers (e.g., name, email, IP, device IDs)

Customer records information (e.g., billing details processed by payment providers)

Commercial information (e.g., services purchased)

Internet/electronic activity (e.g., browsing history, interactions)

Geolocation data (if enabled)

Audio/electronic data (e.g., recorded customer support calls with notice, voicemail)

Sensitive personal information (e.g., precise geolocation) is collected only if you enable the relevant feature and is used for limited purposes permitted by law.

Sources, Uses, and Disclosure

We collect from you, your devices, our service providers, and publicly available sources. We use personal information for the business purposes described above and disclose to service providers, affiliates, and, at your direction, partners/integrations.

Sell/Share

We do not sell personal information and do not “share” it for cross-context behavioral advertising. If this ever changes, we will update this Statement, provide a “Do Not Sell or Share” link, and honor your choices.

Your California Rights

Subject to verification and limits, you may request to:

Know/Access the categories and specific pieces of personal information we collected about you;

Delete personal information;

Correct inaccurate personal information;

Limit the use of sensitive personal information (if applicable);

Opt-out of sale or sharing (not currently applicable);

Non-discrimination for exercising your rights.

How to Exercise: Email [email protected] or call (954) 516-3328. We may request information to verify your identity and may provide instructions or a request form. Authorized agents may make requests with proof of authorization and identity.

GDPR / UK-GDPR NOTICE

If you are located in the EU/EEA or the UK, we process your personal data as a controller for the purposes described. Our legal bases include legitimate interests (e.g., site operations, security, analytics, B2B marketing to the extent permitted), contract (to deliver services you or your company purchase), consent (where required for certain cookies/marketing), and legal obligations.

We may transfer personal data outside the EU/EEA/UK using appropriate safeguards (e.g., Standard Contractual Clauses and, where applicable, the UK Addendum). Where consent is required, you can withdraw consent at any time without affecting prior processing.

Your rights may include access, rectification, erasure, restriction, objection, portability, and the right to lodge a complaint with your supervisory authority. To exercise rights, contact [email protected].

RIGHTS OF DATA SUBJECTS IN OTHER JURISDICTIONS

Where other local laws provide privacy rights (e.g., Canada, Switzerland, certain U.S. states beyond California), we will honor applicable rights consistent with those laws. Contact [email protected] for assistance.

MARKETING COMMUNICATIONS & CONSENT (Email, Phone, SMS/MMS)

By submitting forms on our websites or otherwise providing contact information, you consent to be contacted by Patient 2 Thrive (and, where applicable, its divisions/affiliates and contracted service providers) via email, phone, and SMS/MMS, including the use of automated technologies and prerecorded messages, consistent with applicable laws (e.g., TCPA, CAN-SPAM). Consent is not a condition of purchase. Message/data rates may apply. Frequency varies.

No mobile information will be shared with third parties/affiliates for marketing/promotional purposes. Information sharing to subcontractors in support services, such as customer service, is permitted.

Opt-Out (Email) – Use the unsubscribe link in any marketing email or email [email protected].

Opt-Out (SMS) – Reply STOP to any text. Reply HELP for help.

Opt-Out (Calls/Voicemail) – Email [email protected] or call (954) 516-3328 with the number to be removed.

We do not sell your personal information. Where our use of third-party advertising/analytics could be deemed “sharing” under California law, we will provide a Do Not Sell or Share mechanism and honor your choices.

Any prior no-contact or do-not-call preferences you provide will be honored. You will not be penalized for opting out.

CHANGES TO THIS PRIVACY STATEMENT

This Privacy Statement is effective as of October 28, 2025. We may update it from time to time. Please check our site periodically for changes. Your continued use of our resources after an update constitutes acceptance of the revised Privacy Statement.

CONTACTING US

If you have questions about this Privacy Statement or our privacy practices, please contact us:

Patient 2 Thrive, LLC

Attn: Legal & Compliance

333 Las Olas Way Suite #324, Fort Lauderdale, FL 33301

[email protected]

(954) 516-3328

Important Legal Note

This Privacy Statement is provided for general informational purposes and reflects our good-faith understanding of current laws. It is not legal advice. Because your operations, tech stack, and data flows are unique, please ask your legal counsel to review and tailor this document (including cookie banners/consent, data processing addenda, and your “Do Not Sell or Share” workflow, if applicable) before publishing.